mirror of
https://github.com/systemd/systemd.git
synced 2024-10-30 06:25:37 +03:00
Merge pull request #24663 from mrc0mmand/codeql-follow-up
A couple of CodeQL tweaks and follow ups
This commit is contained in:
commit
c9bc7a449c
2
.github/codeql-config.yml
vendored
2
.github/codeql-config.yml
vendored
@ -9,4 +9,4 @@ queries:
|
|||||||
- name: Enable possibly useful queries which are disabled by default
|
- name: Enable possibly useful queries which are disabled by default
|
||||||
uses: ./.github/codeql-custom.qls
|
uses: ./.github/codeql-custom.qls
|
||||||
- name: systemd-specific CodeQL queries
|
- name: systemd-specific CodeQL queries
|
||||||
uses: ./.lgtm/cpp-queries/
|
uses: ./.github/codeql-queries/
|
||||||
|
10
.github/workflows/codeql-analysis.yml
vendored
10
.github/workflows/codeql-analysis.yml
vendored
@ -9,6 +9,16 @@ on:
|
|||||||
branches:
|
branches:
|
||||||
- main
|
- main
|
||||||
- v[0-9]+-stable
|
- v[0-9]+-stable
|
||||||
|
paths:
|
||||||
|
- '**/meson.build'
|
||||||
|
- '.github/**/codeql*'
|
||||||
|
- 'src/**'
|
||||||
|
- 'test/**'
|
||||||
|
- 'tools/**'
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- main
|
||||||
|
- v[0-9]+-stable
|
||||||
|
|
||||||
permissions:
|
permissions:
|
||||||
contents: read
|
contents: read
|
||||||
|
40
.lgtm.yml
40
.lgtm.yml
@ -1,40 +0,0 @@
|
|||||||
---
|
|
||||||
# vi: ts=2 sw=2 et:
|
|
||||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
|
||||||
|
|
||||||
# Explicitly enable certain checks which are hidden by default
|
|
||||||
queries:
|
|
||||||
- include: cpp/bad-strncpy-size
|
|
||||||
- include: cpp/declaration-hides-variable
|
|
||||||
- include: cpp/inconsistent-null-check
|
|
||||||
- include: cpp/mistyped-function-arguments
|
|
||||||
- include: cpp/nested-loops-with-same-variable
|
|
||||||
- include: cpp/sizeof-side-effect
|
|
||||||
- include: cpp/suspicious-pointer-scaling
|
|
||||||
- include: cpp/suspicious-pointer-scaling-void
|
|
||||||
- include: cpp/suspicious-sizeof
|
|
||||||
- include: cpp/unsafe-strcat
|
|
||||||
- include: cpp/unsafe-strncat
|
|
||||||
- include: cpp/unsigned-difference-expression-compared-zero
|
|
||||||
- include: cpp/unused-local-variable
|
|
||||||
- include:
|
|
||||||
tags:
|
|
||||||
- "security"
|
|
||||||
- "correctness"
|
|
||||||
severity: "error"
|
|
||||||
|
|
||||||
extraction:
|
|
||||||
cpp:
|
|
||||||
prepare:
|
|
||||||
packages:
|
|
||||||
- libpwquality-dev
|
|
||||||
- libfdisk-dev
|
|
||||||
- libp11-kit-dev
|
|
||||||
- libssl-dev
|
|
||||||
- python3-jinja2
|
|
||||||
after_prepare:
|
|
||||||
- pip3 install -r .github/workflows/requirements.txt --require-hashes
|
|
||||||
- export PATH="/opt/work/.local/bin:$PATH"
|
|
||||||
python:
|
|
||||||
python_setup:
|
|
||||||
version: 3
|
|
Loading…
Reference in New Issue
Block a user